PROVIDING TOP-TIER TALENT + EMPOWERING THEM TO MAKE A DIFFERENCE
Following his experience in Silicon Valley with Apple, Brian Carlin, the founder and CEO of Purple Jay, aspired to establish a company that offers exceptional information security personnel, IT engineers, and application developers to the Government. The primary objective was to assist in advancing their missions, streamlining workflows, and fortifying their systems.
OUR PURPOSE
We aim to guide your organization into the right balance of business productivity and implement security measures to maximize outcomes. We understand that effective cybersecurity solutions must go beyond simply protecting data and systems – they must align with your mission so that they will enable and empower your organization.
THE MISSION
We intend to provide cross-domain services with highly skilled and trained personnel supported by cross-matrix, agile teams and proprietary digital solutions with a track record of success. This positively charged approach will exceed clients minimum requirements, reduce client and organizational risk, and maximize the return on investment.
ATTENTION TO DETAIL MATTERS
PURPLE JAY EXPLAINED
WHY THE COLOR PURPLE?
The concept of "Purple" symbolizes the ongoing collaboration between the "Red" and "Blue" teams, representing offense and defense, respectively. This represents a noteworthy paradigm shift in modern information security programs, aiming to enhance effectiveness and cater to the constantly evolving requirements of clients, companies, and government agencies. Embracing the "Purple" mindset acknowledges the importance of simultaneously playing offense and defense to achieve excellence.
WHY A JAYBIRD?
Jaybirds possess traits of curiosity, assertiveness, and intellect. Additionally, they are recognized for raising the alarm when they sense potential dangers, prioritizing the safety of others. We firmly believe that achieving success entails cultivating inquisitive minds while prioritizing our clients' well-being. Our objective is to inquire, explore further, foster creativity, instill confidence, and exhibit assertiveness in order to effectively optimize business and safeguard our clients.
WHY THE HONEYCOMB?
The construction of a beehive thrives on teamwork, communication, and unwavering nurturing. It necessitates adaptation to a constantly changing environment through meticulous planning and timely anticipation, shielding the hive from surrounding threats and vulnerabilities. We recognize that these elements are vital for delivering cross-domain, cross-matrix services, and innovative solutions
CLEARANCE & CERTIFICATIONS
TOP TIER + HIGHLY SKILLED
Purple Jay operations are DCAA-Compliant
Personnel holds a variety of notable certifications.
TRACK RECORD OF SUCCESS
ACHIEVEMENTS AND OUTCOMES
Purple Jay is privileged to enable the business and mission of a variety of Government and Commercial clients through sole source and teaming agreements with outstanding partners. The utilization of our primary services and pre-flight solutions has a track record of success increasing productivity, modernizing infrastructure, and sensibly securing systems.
INFOSEC DATA FUSION EFFORTS
Our InfoSec SMEs and Data Analysts identified key cyber operations and compliance datasets across organizational divisions, building interdependent relationships to tailor a unique ETL and queryable database, enabling enhanced visibility and tracking of governance KPIs against FISMA requirements.
KEY ACHIEVEMENT: Improved visibility gap enabling OCIO with Governance BI aiding data-informed security & compliance strategy
COMPLIANCE PORTAL (DASHBOARD)
Our Developers, with support from InfoSec SMEs and CSPO, worked directly with Client Stakeholders to tailor TAWNY components for a Compliance Dashboard, providing BI to increase compliance accountability, enhance security posture visibility, and improve governance reporting accuracy.
KEY ACHIEVEMENT: Agency FISMA Score improved
ST&E ONGOING ASSESSMENT
Our SMEs execute ongoing application and system testing and evaluation (ST&E) to support authorization and continuous monitoring requirements to assess risk appropriately with each system change and application release.
KEY ACHIEVEMENT: Developed Ansible scripts to optimize STIG hardening and streamline ST&E, improving accuracy and reducing assessment time to a few days
VULNERABILITY MANAGEMENT AUTOMATION
Our Developers, with support from InfoSec SMEs, worked to tailor HERON components for a web app that ingests vulnerability scans (NESSUS, SonarQube, SCAP, etc.), automates categorization, outputs vuln change management logs, and stores remediation plans.
KEY ACHIEVEMENT: Streamlined continuous monitoring activities with security documentation (POA&M Report) and VM reporting as a CI/CD pipeline and automated build process
SECURITY AUTHORIZATION DOCUMENTATION
Our cross-matrix partnership between InfoSec SMEs and developers optimized the generation of the SSP, SAP, SAR, POA&M as well as the maintenance of the RMF package.
KEY ACHIEVEMENT: Developed Documentation CI/CD pipeline automating SSP development and management, including multi-formatted (.doc, .pdf., JSON, . XML) exports. Obtained ATC and ongoing ATO.
IT MODERNIZATION & THREAT DETECTION
Our SMEs modernized and migrated corporate infrastructure from a legacy on-premise approach to a scalable cloud with idempotent processes. Modernization included managed end-points and other managed InfoSec services.
KEY ACHIEVEMENT: Improved corporate security posture with sensible access controls and implemented accountability and audit functions. Increase business productivity through SaaS solutions and training.
POA&M OPTIMIZATION WITH CVSS
Our SMEs worked with client VM and ConMon teams to drastically enhance business workflow by parsing Vuln Scans into a manageable FedRAMP-approved POA&M while aligning ALAS numbers to CVSS satisfying regulatory expectations.
KEY ACHIEVEMENT: Reduced manual workload and processes down from 3 days to less than a day. Programmatically aligned organization workflows to meet regulatory expectations
FULL STACK WEB APP DEVELOPMENT
A cross-matrix team (Product Owner, BI SME, and Developer) tailored TAWNY components into a Full Stack web app that automates unique business workflows, provides BI insights and dashboards, and outputs state-compliant reports.
KEY ACHIEVEMENT: Deployed a unique SaaS solution that provided business scalability, RBAC functions, and increased business and compliance accuracy
CLIENTS WE HAVE SERVED
US Patent and Trademark Office
Federal Emergency Management Agency
Naval Air Systems Command
Army Network Enterprise Technology Command
Department of Veteran Affairs
Pension Benefit Guaranty Corporation
Amazon Web Services
How can we help?
Purple Jay, LLC is positioned to provide seasoned personnel to meet and exceed your expectations. Our personnel maintains proper and current OSCP, PMP, Security+ CE, CISSP, CISM, CCNA Security, CSPO, and CEH certifications.